[2640] in cryptography@c2.net mail archive
Re: Netscape Passwords...?
daemon@ATHENA.MIT.EDU (Jeff Weinstein)
Thu May 7 13:26:48 1998
Date: Tue, 05 May 1998 21:06:55 -0700
From: jsw@netscape.com (Jeff Weinstein)
To: EKR <ekr@terisa.com>
CC: cryptography@c2.net
What they mean is that we will tell you how to configure communicator
to work without a password. This involves changing your password
to an empty string. If you do not set values for your new password,
you will be warned that you are operating without a password, and
instructed how to re-enable a password.
There is no hidden back door to these files.
--Jeff
EKR wrote:
>
> Black Unicorn <unicorn@schloss.li> writes:
>
> > >From Verisign:
> > Note: if you do not want to delete all of your Digital IDs, please contact
> > Netscape Customer
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > Service for assistance with bypassing the password protection.
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > [end ]
> >
> > Uh, really?
> Well, Netscape's key file is encrypted under a digested password,
> so you certainly could run some sort of Crack variant.
>
> There may be some additional place where they scribble the
> password down. Don't know about that.
